Configure ISA 2000 to allow FTP

I've installed SBS2003 Premium and enabled ISA 2000 to act as my firewall. I'm trying to access our external web hosts FTP site from my client machine on the LAN (Windows XP SP2). I'm using Dreamweaver MX 2004 to do this. The Windows Firewall is also active on all clients and I've added a local exception on my machine for Dreamweaver.

On the ISA Server it appears that Protocol Definition for FTP is:

FTP   FTP Protocol   Application Filter   21   TCP   Outbound
FTP Download Only   FTP Download only Protocol   Application Filter   21   TCP   Outbound
FTP Server   FTP Server protocol   Application Filter   21   TCP   Inbound

The problem I have is that I wish to use Dreamweaver to access my remote site using FTP. I've configured Dreamweaver as so:

Access: FTP
FTP Host: (actual domain hidden)
Login: loginName (obviously not the Username)
Password: PasswordHere (obviously not the password)

I've tried enabling/disabling Passive FTP
Also tried enabling/disabling Use Firewall (with my Proxy settings set to SBSSERV:8080 with Firewall Port 21)

Nothing appears to work. When I enable the Use Firewall option and click Test Dreamweaver attempts to connect, I get a progress bar and it says Connecting to..., followed by Waiting for Server and then I get the following error:

An FTP error occured - cannot make connection to host
The remote host cannot be found

Any ideas?
Steven O'NeillSolutions ArchitectAsked:
Who is Participating?
Actually, 21 is the control channel, 20 is the back connection from the server to send the data.  If you're attempting to use PASV then the client will make the request for the secondary channel rather than the server.

Make sure the FTP protocol - Application Filter is enabled and hasn't been changed.

If this ISA is behind a primary edge-firewall (like a PIX) or you have your router setup to block things, you may also need to create an Access Control list to allow the FTP server inbound port 20 to your server - just another thought.

You need to open the control channel also - port 20.

Are you using the built-in FTP filter or Protocol Definition?
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Have you tried connecting by using the IP address instead?  I know it sounds screwey, but give that a try and see if you can connect.

Steven O'NeillSolutions ArchitectAuthor Commented:
Thanx for the responses. The ISA server sits behind an Intelligent Gateway 1800 (BT Office Broadband box) which has it's own built in firewall. I've set this up to allow FTP thru it to the WAN NIC on my SBS Server but may not have done this completely (need to check settings again).

I haven't altered the protocols for FTP that ISA Sets up. I'll check them all and let you know.

I haven't tried connecting via the IP only. I'll also try this and get back to you.
Steven O'NeillSolutions ArchitectAuthor Commented:
Okay I've tried all the solutions offered and managed to find this doc:

This has worked out and allows me to do what I want. So Netman66 gets the points for being in the right direction (not the exact solution but pointed me the right way).

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.